stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

save checkpoint

Browse Source
This commit is contained in:
master
2026-02-14 09:11:48 +02:00
parent 9ca2de05df
commit e9aeadc040
1512 changed files with 30863 additions and 4728 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
docs/features/checked/attestor/risk-budget-unknowns-gate.md Normal file
View File

@@ -0,0 +1,46 @@
# Risk Budget / Unknowns Gate
## Module
Attestor
## Status
VERIFIED
## Description
Risk budget enforcement with unknowns gate checker, budget violation predicates, and unknowns aggregation across evidence chains.
## Implementation Details
- **Budget Check Predicate**: `src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Predicates/BudgetCheckPredicate.cs` -- predicate for budget check results.
- **Budget Check Result**: `Predicates/BudgetCheckResult.cs` -- result of a budget check (pass/fail with details). Also in `Services/BudgetCheckResult.cs`.
- **Budget Config**: `Predicates/BudgetConfig.cs` -- budget configuration (max unknowns, max unresolved, thresholds).
- **Budget Actual Counts**: `Predicates/BudgetActualCounts.cs` -- actual counts observed against the budget.
- **Budget Violation**: `Predicates/BudgetViolation.cs` -- individual budget violation. Also in `Services/BudgetViolation.cs`.
- **Budget Violation Predicate**: `Predicates/BudgetViolationPredicate.cs` -- predicate containing all violations for attestation.
- **Unknowns Aggregator**: `Services/IUnknownsAggregator.cs` -- interface for aggregating unknowns across evidence chains.
- **Unknown Item**: `Services/UnknownItem.cs` -- individual unknown item in the evidence chain.
- **Exception Ref**: `Services/ExceptionRef.cs` -- reference to an exception that offsets a budget violation.
- **Uncertainty Budget Payload**: `Statements/UncertaintyBudgetPayload.cs` -- in-toto payload for uncertainty budgets.
- **Uncertainty Budget Statement**: `Statements/UncertaintyBudgetStatement.cs` -- in-toto statement wrapping budget data.
- **Budget Definitions**: `Statements/BudgetDefinition.cs`, `BudgetExceptionEntry.cs`, `BudgetObservation.cs`, `BudgetViolationEntry.cs` -- statement-level budget models.
- **Delta Verdict Budget**: `Predicates/DeltaVerdictPredicate.Budget.cs` -- budget tracking in delta verdicts.
- **Tests**: `__Tests/StellaOps.Attestor.ProofChain.Tests/BudgetCheckTests.cs`
## E2E Test Plan
- [ ] Create a `BudgetConfig` with max_unknowns=5, check against `BudgetActualCounts` with 3 unknowns, and verify `BudgetCheckResult` passes
- [ ] Create a `BudgetConfig` with max_unknowns=5, check against 7 unknowns, and verify `BudgetCheckResult` fails with `BudgetViolation`
- [ ] Aggregate unknowns across multiple evidence chains via `IUnknownsAggregator` and verify total count
- [ ] Create a `BudgetViolationPredicate` with multiple violations and sign it into a DSSE envelope
- [ ] Apply an `ExceptionRef` to offset a budget violation and verify the adjusted budget passes
- [ ] Build an `UncertaintyBudgetStatement` with budget definitions and observations; verify the statement structure
- [ ] Verify delta verdict budget tracking via `DeltaVerdictPredicate.Budget`: budget violations in delta context
- [ ] Verify `UnknownItem` captures the source, reason, and evidence chain context for each unknown
## Verification
| Check | Result |
|-------|--------|
| Tier 0 - Source Verification | PASS |
| Tier 1 - Build + Code Review | PASS |
| Tier 2 - Behavioral Verification | PASS |
| Verified Date | 2026-02-13 |
| Run ID | run-001 |